Technology Audit and Compliance Analyst

October 4

Apply Now

Receive Emails with Similar Jobs

LanguageLine Solutions

WebsiteLinkedInAll Job Openings

Phone Interpreting • OnSite Interpreting • On Demand Video Interpreting • Translation and Localization • Testing and Training of Bilingual and Interpreting Staff

10,000+

Description

• Oversee programs, policies, and practices to ensure compliance with the Sarbanes-Oxley Act (SOX), SSAE16 SOC2, ISO27001, HITRUST, and customer audits related to the Information Services function. • Manage the development and testing of internal controls, reporting, and the identification of process deficiencies and improvements. • Responsible for security policy development, managing exceptions, promoting security awareness, conducting vendor risk assessments, monitoring cyber security, and addressing vulnerabilities. • Support Quality Management System (QMS) to improve processes, procedures, and services, increasing efficiency and customer satisfaction. • Identify areas for improvement in Technology control environments across services. • Lead testing of Technology controls for compliance standards on a regular basis. • Develop, maintain, and publish up-to-date Information Security Policies. • Serve as a key liaison between Technology & Risk Management and business units. • Actively contribute to and manage a variety of security projects. • Act as a Technology Subject Matter Expert (SME) for audits and assessments.

Requirements

• 2-3 years of experience in information technology, including knowledge and application of information systems compliance and controls. • 2-3 years of experience with underlying technologies such as networking, Active Directory, Windows Server, and Linux. • 1-2 years of experience in a compliance-focused role, or equivalent. • 1-2 years of experience with Technology SOX, SSAE16 SOC2, ISO27001, and HITRUST. • Experience auditing general controls related to logical and physical access, permission sets, password configurations, change management, and incident management. • Strong proficiency in the logical security of Active Directory and remote access technology. • Demonstrated ability to research, learn, and apply new and emerging technologies, with a solid understanding of state-of-the-art and emerging technology compliance, cyber security threats, Artificial Intelligence (AI), technology trends, vendors, and products. • Knowledge of HIPAA, PCI, NIST 800-53, HITRUST, ISO27001, and SSAE16 SOC2 requirements. • Ability to perform technical scans for infrastructure vulnerabilities using commercially available tools and follow patching and incident management processes as needed. • Experience creating patching service requests and tracking remediation efforts. • Must be capable of handling confidential or sensitive matters with professionalism.